On 2 Jul 2008, at 16:22, John K. wrote:
Not from what I can tell. Can you give me any examples that would
cause race conditions? Double clicking login?
For example if you load the page with the login box simultaneously
(and you don’t yet have a session cookie) then you’ll get two entirely
separate session cookies or if a page fired two ajax requests that
happened to overlap. I know there are some tools (virus scanners, ‘web
accelerators’) that preemptively load pages before you click on the
link, could be a factor
Other than that I can’t think of anything better than finding an
example where it did happen, pull all the requests from that ip
address from your log file and go over it with a fine comb.
If you are using the cookie store, session ids look like
if you take the first portion, you can extract what was in their
So I had an empty session with just the flash.
I’d probably write a script that would munch through the log files
and print each request from the person in question along with what was
in the session and try and workout what happened.